<?php
require_once("../../class2.php");
require_once("./includes/require_all.php");

if (isset($_POST['action'])) {
	foreach ($_POST as $k=>$v) $_POST[$k]= cleanhtmlspecialchars($v);
	if ($_POST['action']==="edit") {
		$tq= $db->prepare("UPDATE cms_notes SET note=:CHANGED WHERE id=:ID LIMIT 1");
		$tq->execute(array(':CHANGED'=>$_POST['content'],':ID'=>$_POST['id']));
	}
	elseif ($_POST['action']==="del") {
		$tq= $db->prepare("UPDATE cms_notes SET status='Изтрито' WHERE id=:ID LIMIT 1");
		$tq->execute(array(':ID'=>$_POST['id']));	
	}
	elseif ($_POST['action']==="add") {
		$tq= $db->prepare("INSERT INTO cms_notes (`note`, `game`, `user_id`, `user_name`) VALUES (:NOTE, :GAME, :USERID, :USERNAME)");
		$tq->execute(array(':NOTE'=>$_POST['content'],':GAME'=>$_POST['game'],':USERID'=>$_POST['userid'],':USERNAME'=>$_POST['username']));	
	}
}
?>